package com.lantosec.hmrp.core.config;

import lombok.extern.log4j.Log4j2;
import org.apache.shiro.session.SessionException;
import org.apache.shiro.subject.Subject;
import org.apache.shiro.web.filter.authc.LogoutFilter;
import org.apache.shiro.web.util.WebUtils;

import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import java.util.Locale;

@Log4j2
public class CustomLogoutFilter extends LogoutFilter {
    @Override
    protected boolean preHandle(ServletRequest request, ServletResponse response) {
        Subject subject = this.getSubject(request, response);
        if (this.isPostOnlyLogout() && !"POST".equals(WebUtils.toHttp(request).getMethod().toUpperCase(Locale.ENGLISH))) {
            return this.onLogoutRequestNotAPost(request, response);
        } else {
            try {
                subject.logout();
            } catch (SessionException e) {
                log.error(e.getMessage(), e);
            }
            return true;
        }
    }
}
